Cybersecurity and IT Audit Consultant

    • Job Tracking ID: 512240-688188
    • Job Location: Quincy, MA
    • Job Level: Mid Career (2+ years)
    • Level of Education: BA/BS
    • Job Type: Full-Time/Regular
    • Date Updated: June 11, 2019
    • Years of Experience: 2 - 5 Years
    • Starting Date: ASAP
Invite a friend
facebook LinkedIn Twitter Email

Job Description:

blumshapiro , New England’s largest regional accounting, tax and advisory firm, is seeking a Cybersecurity Consultant for its Risk Management Consulting practice in Massachusetts (Boston and Quincy). The professional in this role will provide information security and compliance consultative services to middle-market/large organizations. Primary responsibilities will include the following:

  • Provide expertise and deliver cybersecurity and IT audit services in the Massachusetts markets, with occasional travel outside Massachusetts
  • Advising clients in improving information security and cybersecurity practices
  • Performing information security risk assessments and cyber threat analyses
  • Performing gap analyses according to various technology / compliance standards
  • Understanding and documenting IT internal controls for organizations’ process/data/workflow
  • Evaluating and Testing IT general and application controls
  • Providing hands-on contribution to cybersecurity and technology vulnerability assessment projects
  • Developing creative, logical solutions and assisting in the presentation of findings and recommendations to clients
  • Interacting with clients on a regular basis for various cyber-security and IT audit related projects
  • Meeting deadlines and proactively communicating with project team members
  • Attending professional networking events and speaking engagements
  • Contributing to cybersecurity thought leadership content
  • Attending professional development sessions on a regular basis
  • Performing assignments both autonomously and as part of a team
  • Participate in other advisory services assignments as needed

Experience and Skills:

  • Bachelor’s degree in cybersecurity, information technology, business information systems, audit or a related field is required
  • Professional cybersecurity, technology consulting and/or IT audit background and/or experience preferred
  • Practical experience evaluating the security of various IT infrastructure, servers, networks, domains and other systems using security tools is preferred
  • Knowledge of various security compliance standards and best practices preferred (ex: ISO 27002, CSA, PCI, CIS, NIST 800 Series)
  • Understanding of various security governance frameworks (ex: COBIT, COSO, NIST CSF, ISO 27001)
  • Knowledge or awareness of IT audit and reporting frameworks (ex: SOC-1, SOC-2, Shared Assessments)
  • Ability to problem-solve and think both creatively and logically
  • A demonstrated ability to self-direct and effectively organize, prioritize and manage multiple projects under tight deadlines
  • A demonstrated knowledge or awareness of a variety of technologies and cybersecurity topics
  • Ability to create various types of reports: presentations, findings/recommendation and workflow documents
  • Outstanding interpersonal and relationship building skills
  • Excellent analytical and organizational skills
  • Exceptional written and verbal communication skills
  • Proficient with MS Office tools (Office365, Word, Excel, Access, PowerPoint, Visio, Teams)